NewYorkCountryLawyer writes: "The Electronic Frontier Foundation has entered the fray to defend the bloggers sued by Prenda Law Firm. Prenda, oblivious to such well known legal niceties as the Federal Rules of Civil Procedure, the affirmative defense of truth, the difference between a defamatory statement of fact and the expression of a negative opinion, and the First Amendment, has immediately — and illegally — sought to subpoena information leading to the identities of the bloggers. I would not be surprised to see these "lawyers" get into even more hot water than they're already in. And I take my hat off to the EFF for stepping in here."Link to Original Source

I actually just switched from Apple Mail back to Mutt, because a combination of Mail and an Exchange server ate a huge chunk of my email archive. I'm not sure if I'm really more productive, but I feel a lot more comfortable knowing I have a degree of control of what's going on, and that stuff is being stored in an open format (Mail switched from Maildir to something weirder a while back). Losing a chunk of my email archive was pretty traumatic.

The main thing holding me back was a decent email search feature -- I'd been watching notmuch for a while, and when I heard about muttkz, I compiled it and switched. I use davmail, offlineimap and muttkz. I use notmuch to search around 10 years of email.

I don't think this is a route I'd recommend for many others -- I've used mutt for years before Mail, and only switched over in the last couple of years. But it worked for me, and you did ask.

What form of expression would be acceptable to tell people that you're not working with somebody, and for what reason? Or is it important to keep this information confidential?

Or in other words, he has done pretty much exactly what you have done: expressed an opinion online. Why is what you are saying now not some sort of "hissy fit" about how somebody you don't even know disagrees with what you think? You certainly seem to be using stronger, more strongly opinonated language than Mitch Altman.

A large number of journalists and activists end up communicating with sources and each other using direct messaging on Twitter, so there is private information passing around. There's also the question of using login credentials to take over and fake messages. Also, there's the question of correlating Twitter identities with individuals (though I can think of a few strategies for attackers to do that even with https enabled).

I work with independent journalists in this and other at-risk countries, and consult with those seeking to protect activists. While you are perhaps right that the threat is, at heart, one of human rights, protecting those attempting to change or document that situation is also important. And lack of on-the-wire encryption also presents an almost constant temptation to even other countries supposedly better protected by the rule of law. The pervasive data-mining conducted by AT&T on behalf of the NSA is the obvious (and known) example here. I'm sure there are plenty more.

I don't think it's correct to characterise this as a "scarecrow" when a) we have actual evidence of countries using unencrypted communications to repress critics and protests against the regime, and b) this is a problem that all Internet users potentially face worldwide.

In order to protect and improve free speech and other rights, we need to build systems that are resilient when those rights are under attack.

I worked at the EFF and spoke with Austin several times about Haystack. On the basis of what I learned then, EFF never publicly advocated using Haystack, and told any journalist or fundraiser who queried us that until Austin submitted the code for an independent security audit, we could not recommend its use.

To be clear: EFF never made this request, and I made it clear to Austin that there were a number of ways that a technical security audit could take place without making the source publicly available (for instance, we offered to put him in touch with independent security consultants who work with Microsoft and Google under NDA).

EFF works has and will work with both closed source and open source vendors to improve their products' privacy and security.

Okay, that's pretty much what we're thinking -- warn now, release details as soon as we can. Right now I'm talking to people to establish how widespread the message is, and also to get some idea of the actual, non-technical risk of "being a Haystack user". One of the problems is that there may be non-trivial amount of retrospective risk.

The service is actually down; that's what Austin claimed he did on Friday.

Hey, Kangsterizer. I'm sorry if you read my blog post expecting to find substantive technical details; that does seem like a waste of time, and maybe I should have made it clearer at the start that there would not be that level of detail.

My claim, and that of others involved in this (including I believe the coder of the Haystack system, who is posting on this thread also) is that we can't give out more detailed info about the problems because we believe that would put people at risk.

I find this incredibly frustrating, because obviously people in your position are entirely right to be skeptical. I'd like you to not believe it's FUD, but I can't think of a way to convince you short of as I said, a detailed public analysis.

Assuming for the moment what I'm saying isn't an ingenious pack of lies or delusion, what do you think I should do?

Posted
by
timothyon Friday June 18, 2010 @08:15AM
from the effin'-sweet dept.

climenole writes "HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS."

They cut off your network access because of a report of infringement? Are you in the US? Do you think you could mail me at danny@eff.org with more info? We're always interested in the details of these incidents.

Ah yes. It's completely unreasonable for anyone to expect Apple to make a version of their phones with a CDMA (ie. the "wrong standard") radio in it. It's not like any other phone manufacturers build handsets for both standards. Certainly not RIM, Samsung, Palm, Motorola, etc.... Oh wait.

I'm not saying that there's anything _wrong_ with Apple's decision to only address part of the market. If they had to pick only one technology, they'll obviously pick the one with the biggest customer base.

What I'm saying is that the AC's implication that it is somehow strange for DarthVain to expect a phone to support more than one network is kind of ridiculous. It's not strange at all. In fact, Apple is pretty much the only phone manufacturer that sells into North America that doesn't also make CDMA phones. This fact will cost them some sales from people like DarthVain. They obviously know this, and are apparently okay with it.

It is also fairly annoying that it's necessary to hack the phone (jailbreak, whatever) to make it work with an otherwise compatible GSM network though. Vendor lock-in is pretty much par for the course with Apple stuff, though. It's part of why I don't really own any.

Thank you. You had to go and depress me with the truth again didn't you? If the "founding fathers" could have seen the end results of their work I honestly think they'd have put a musket to their heads.

The only way for a democracy to work is to have a strong majority of well educated and engaged citizenry. The only way for a totalitarian government to work is for it to consist wholly of well educated, selfless, empathetic leaders and bureaucrats. As far as I can tell, both are positions of unstable equilibrium and practically speaking unattainable. With that in mind... Anyone got a better idea?